Lucene search
K

783 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.9 views

CVE-2019-7263

Linear eMerge E3-Series devices have a Version Control Failure...

10CVSS7.1AI score0.01795EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 11:0 p.m.4 views

CVE-2025-68398 Weblate has git config file overwrite vulnerability that leads to remote code execution

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue...

9.1CVSS6.4AI score0.00489EPSS
Exploits0References6
OSV
OSV
added 2025/12/18 12:0 a.m.6 views

ALSA-2025:23667 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...

8.6CVSS7AI score0.00707EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/17 4:4 p.m.5 views

CVE-2025-68165

In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup...

6.1CVSS6.3AI score0.03459EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 4:16 p.m.4 views

CVE-2025-68165

In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup...

6.1CVSS0.03459EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 3:27 p.m.13 views

CVE-2025-68165

CVE-2025-68165 is reported for JetBrains TeamCity: reflected XSS on the VCS Root setup in versions prior to 2025.11.0. The connected Nessus entry confirms the vulnerability exists in TeamCity

6.1CVSS6AI score0.03459EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/16 3:27 p.m.2 views

CVE-2025-68165

In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup...

5.4CVSS6AI score0.03459EPSS
Exploits0References1
PyPA
PyPA
added 2025/12/16 12:16 a.m.12 views

PYSEC-2025-231

Weblate is a web based localization tool. The Create Component functionality in Weblate allows authorized users to add new translation components by specifying both a version control system and a source code repository URL to pull from. However, prior to version 5.15, the repository URL field is...

5CVSS5.9AI score0.00182EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A cross-site scripting vulnerability exists in JetBrai...

6.1CVSS6.1AI score0.03459EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.5 views

EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2521)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...

9.1CVSS7AI score0.00778EPSS
Exploits1References5
OSV
OSV
added 2025/12/10 5:15 p.m.6 views

CVE-2025-67640

Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands...

5CVSS6.9AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/25 12:16 a.m.6 views

EUVD-2025-199412

Malicious code in @voiceflow/git-branch-check npm...

6.6AI score
Exploits0References3
Veracode
Veracode
added 2025/11/17 7:55 a.m.8 views

Command Injection

check-branches is vulnerable to command injection.The vulnerability is due to the tool trusting branch names as plain text and concatenating them into git commands, which allows an attacker to craft malicious branch names to execute arbitrary system commands...

9.8CVSS7.7AI score0.0139EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.7 views

CVE-2025-64688

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...

7.4CVSS6.8AI score0.0001EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/10 3:31 p.m.5 views

EUVD-2025-44049

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...

7.4CVSS6.3AI score0.0001EPSS
Exploits0References2
CVE
CVE
added 2025/11/10 1:27 p.m.13 views

CVE-2025-64688

CVE-2025-64688 is rejected/not used per the initial description.

6.4AI score0.0001EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/10 1:27 p.m.12 views

CVE-2025-64688

...

0.0001EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.4 views

编号撤回

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in versions prior to JetBrains YouTrack 2025.3.104432, which...

6.3AI score0.0001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.22 views

PT-2025-46157

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2025.3.104432 Description A missing VCS URL validation in JetBrains YouTrack allows delegation to unauthorized repositories through the Junie widget. This issue affects versions prior to 2025.3.104432...

7.4CVSS6.6AI score0.0001EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/10/31 6:10 p.m.12 views

CVE-2025-64112

Statmatic is a Laravel and Git powered content management system CMS. Stored XSS vulnerabilities in Collections and Taxonomies allow authenticated users with content creation permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This vulnerability is fix...

8CVSS6AI score0.00279EPSS
Exploits0References1
Rows per page
Query Builder